Na opstart laptop snelheid OK, na een tijdje traag reagerende laptop

Hallo,

Zoals in het onderwerp vermeld is de laptop bij opstart kwa snelheid min of meer OK, hoe later op de dag echter hoe trager alles loopt.

Via het forum heb ik gemerkt dat er aangeraden wordt om HijackThis te draaien en de logfile mee te sturen, wat ik bij deze ook doe.

Alvast bedankt voor de respons,

Stamper

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:15:29, on 24/05/2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18904)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Eset\nod32kui.exe

C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\Windows\RtHDVCpl.exe

D:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Apoint2K\ApMsgFwd.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Program Files\Microsoft Office\Office12\WINWORD.EXE

C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE

F:\Sprinto.exe

F:\Sprinto\speech\components\common\Sprint.exe

C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe

C:\Program Files\Internet Explorer\iexplore.exe

D:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HLN home

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "D:\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - Welcome to Windows Live

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - D:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 7703 bytes

Dit logje ziet er nochtans (bijna) probleemloos uit.

Start Hijackthis op. Ben je gebruiker van Vista kies dan voor “Run as administrator" of "Uitvoeren als administrator". Selecteer “Do a system scan only”. Selecteer alleen de items die hieronder zijn genoemd:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Klik op 'Fix checked' om de items te verwijderen.

Laat dan Malwarebytes even scannen en hang dit logje in een volgende bericht.

Download Combofix naar je Bureaublad.

Lees hier meer over correct gebruik van Combofix.

OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw.

Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!

• Dubbelklik op Combofix.exe om het te starten.
  Indien je Combofix al eerder hebt gebruikt, kan je een waarschuwing krijgen dat een update beschikbaar is. Sta toe dat ComboFix wordt geupdate.
  Volg de instructies, aanvaard de disclaimer door op Ja te klikken.
  Indien de Recovery Console niet geïnstalleerd is, wordt je gevraagd om dit alsnog te doen door op JA te klikken in het "Query - Recovery Console" venster (enkel voor XP, niet voor VISTA).
  Klik op OK en Ja om automatisch de Recovery Console te laten installeren.
  Klik na afloop terug op Ja om het scannen op malware te starten.
  Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
  

Wanneer de fix voltooid is en na herstart, zal de log Combofix.txt openen.

Post dit logje in je volgende antwoord, samen met dat van Malwarebytes.

Hallo Kape,

Zowel Malwarebytes als ComboFix laten draaien en hieronder beide logfiles.

Malwarelog:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Databaseversie: 4103

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18904

25/05/2010 18:58:40

mbam-log-2010-05-25 (18-58-40).txt

Scantype: Snelle scan

Objecten gescand: 124896

Verstreken tijd: 11 minuut/minuten, 46 seconde(n)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 0

Registerwaarden geïnfecteerd: 0

Registerdata geïnfecteerd: 0

Mappen geïnfecteerd: 0

Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

ComboFix log:

ComboFix 10-05-24.07 - Gebruiker 25/05/2010 19:59:51.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2046.534 [GMT 2:00]

Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe

* Aanwezig AV is actief

.

ADS - Windows: deleted 24 bytes in 1 streams.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\users\Gebruiker\AppData\Roaming\inst.exe

c:\users\Gebruiker\AppData\Roaming\Microsoft\Windows\Recent\Serials 2005 Homepage.url

F:\Autorun.inf

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-04-25 to 2010-05-25 ))))))))))))))))))))))))))))))

.

2010-05-25 18:21 . 2010-05-25 18:22 -------- d-----w- c:\users\Gebruiker\AppData\Local\temp

2010-05-23 05:17 . 2010-05-23 05:17 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Uniblue

2010-05-23 05:09 . 2010-05-23 05:09 -------- d-----w- c:\programdata\SecTaskMan

2010-05-17 14:48 . 2010-05-17 14:48 -------- d-----w- c:\program files\Common Files\Windows Live

2010-05-15 05:29 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-05-15 05:29 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-05-14 17:44 . 2010-05-14 17:44 -------- d-----w- c:\program files\Ubisoft

2010-05-13 18:46 . 2010-05-14 07:17 -------- d-----w- c:\program files\Microsoft Works

2010-05-13 18:43 . 2010-05-13 18:43 -------- d-----w- c:\program files\Microsoft.NET

2010-05-13 18:40 . 2010-05-13 18:40 -------- d-----w- c:\program files\Microsoft Visual Studio 8

2010-05-13 18:37 . 2010-05-13 18:37 -------- d-----r- C:\MSOCache

2010-05-12 12:24 . 2010-01-29 15:40 738816 ----a-w- c:\windows\system32\inetcomm.dll

2010-05-10 16:48 . 2010-05-10 16:48 -------- d-----w- c:\program files\iPod

2010-05-08 11:31 . 2010-05-08 11:31 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Ubisoft

2010-05-08 11:31 . 2010-05-08 11:31 -------- d-----w- c:\programdata\Ubisoft

2010-05-08 11:30 . 2007-10-22 01:39 267272 ----a-w- c:\windows\system32\xactengine2_10.dll

2010-05-08 11:30 . 2007-10-12 13:14 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll

2010-05-08 11:30 . 2007-10-02 07:56 444776 ----a-w- c:\windows\system32\d3dx10_36.dll

2010-05-08 11:30 . 2007-10-12 13:14 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll

2010-05-08 11:30 . 2007-07-19 22:57 267112 ----a-w- c:\windows\system32\xactengine2_9.dll

2010-05-08 11:30 . 2007-07-19 16:14 444776 ----a-w- c:\windows\system32\d3dx10_35.dll

2010-05-08 11:30 . 2007-07-19 16:14 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll

2010-05-08 11:30 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll

2010-05-08 11:30 . 2007-10-22 01:37 17928 ----a-w- c:\windows\system32\X3DAudio1_2.dll

2010-05-08 11:30 . 2006-12-08 10:02 251672 ----a-w- c:\windows\system32\xactengine2_5.dll

2010-05-08 11:30 . 2006-11-29 11:06 440080 ----a-w- c:\windows\system32\d3dx10.dll

2010-05-08 11:29 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll

2010-05-08 11:29 . 2006-09-28 14:05 237848 ----a-w- c:\windows\system32\xactengine2_4.dll

2010-05-08 11:29 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll

2010-05-08 11:29 . 2006-07-28 07:30 236824 ----a-w- c:\windows\system32\xactengine2_3.dll

2010-05-08 11:29 . 2006-07-28 07:30 62744 ----a-w- c:\windows\system32\xinput1_2.dll

2010-04-29 17:14 . 2010-04-29 17:14 -------- d-----w- C:\found.002

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-05-25 16:44 . 2010-01-07 12:59 32251 ----a-w- c:\programdata\nvModes.dat

2010-05-25 06:06 . 2008-01-16 10:25 1076 ----a-w- c:\windows\bthservsdp.dat

2010-05-25 04:48 . 2008-11-13 16:31 -------- d-----w- c:\programdata\Google Updater

2010-05-24 18:26 . 2008-01-16 19:18 679914 ----a-w- c:\windows\system32\perfh013.dat

2010-05-24 18:26 . 2008-01-16 19:18 132318 ----a-w- c:\windows\system32\perfc013.dat

2010-05-24 05:29 . 2008-06-03 15:52 -------- d-----w- c:\program files\Google

2010-05-15 11:01 . 2008-01-16 10:40 152664 ----a-w- c:\users\Gebruiker\AppData\Local\GDIPFONTCACHEV1.DAT

2010-05-15 10:33 . 2008-12-09 19:20 -------- d-----w- c:\programdata\Microsoft Help

2010-05-15 09:28 . 2010-02-10 13:56 -------- d-----w- c:\program files\Electronic Arts

2010-05-14 17:44 . 2008-01-16 11:12 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-05-13 18:46 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild

2010-05-13 12:31 . 2008-07-07 18:29 -------- d-----w- c:\program files\Docudesk

2010-05-12 20:55 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2010-05-12 09:21 . 2009-10-02 23:33 221568 ------w- c:\windows\system32\MpSigStub.exe

2010-05-10 16:48 . 2010-01-10 07:50 -------- d-----w- c:\program files\Common Files\Apple

2010-05-10 16:25 . 2010-05-10 16:25 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe

2010-04-09 13:53 . 2010-04-09 13:53 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\deskPDF

2010-04-06 15:22 . 2009-04-09 16:57 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\SPORE

2010-04-05 20:52 . 2010-04-05 20:49 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2010-04-05 20:43 . 2010-04-05 20:41 -------- d-----w- c:\program files\QuickTime

2010-04-01 13:24 . 2010-04-01 12:54 -------- d-----w- c:\program files\Parcours2

2010-03-30 12:55 . 2010-03-30 12:53 -------- d-----w- c:\program files\Markant2

2010-03-12 20:18 . 2010-03-12 20:18 98304 ----a-w- c:\programdata\NexonUS\NGM\npNxGameUS.dll

2010-03-12 20:18 . 2010-03-12 20:18 126976 ----a-w- c:\programdata\NexonUS\NGM\nxgameus.dll

2010-03-12 20:18 . 2010-03-12 20:18 765952 ----a-w- c:\programdata\NexonUS\NGM\NGMDll.dll

2010-03-12 20:18 . 2010-03-12 20:18 401408 ----a-w- c:\programdata\NexonUS\NGM\NGMResource.dll

2010-03-12 20:18 . 2010-03-12 20:18 258352 ----a-w- c:\programdata\NexonUS\NGM\unicows.dll

2010-03-12 20:18 . 2010-03-12 20:18 172032 ----a-w- c:\programdata\NexonUS\NGM\NGM.exe

2010-03-11 06:34 . 2010-03-11 06:34 509552 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb5168.tmp.exe

2010-03-05 15:58 . 2008-07-20 06:59 952 --sha-w- c:\windows\system32\KGyGaAvL.sys

2010-03-05 14:01 . 2010-04-14 11:24 420352 ----a-w- c:\windows\system32\vbscript.dll

2008-09-02 14:03 . 2008-09-02 14:02 48 --sh--w- c:\windows\S50611250.tmp

2007-05-30 17:12 . 2007-05-30 17:12 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-13 39408]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]

"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2010-03-12 2937528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-18 1008184]

"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-01-16 949376]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-08-31 1037736]

"Malwarebytes Anti-Malware (reboot)"="d:\malwarebytes' anti-malware\mbam.exe" [2010-04-29 1090952]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-11-07 159744]

"RtHDVCpl"="RtHDVCpl.exe" [2007-01-18 4349952]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-01 13797992]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]

"iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"VistaSp2"=hex(:92,6c,2a,50,c4,8e,ca,01

2;2 ProtexisLicensing;ProtexisLicensing;c:\windows\system32\PSIService.exe [x]

R2 ehstart;Windows Media Center Service Launcher;c:\windows\system32\svchost.exe [2008-01-18 21504]

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-23 135664]

R2 TBS;TPM Base Services;c:\windows\System32\svchost.exe [2008-01-18 21504]

R2 WPDBusEnum;Portable Device Enumerator-service;c:\windows\system32\svchost.exe [2008-01-18 21504]

R2 XAudio;XAudio;c:\windows\system32\DRIVERS\XAudio32.sys [x]

R2 XAudioService;XAudioService;c:\windows\system32\DRIVERS\xaudio.exe [2007-03-15 386560]

R3 Autodesk Licensing Service;Autodesk Licensing Service;c:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-10-03 85096]

R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\drivers\brfiltlo.sys [2006-11-02 13568]

R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\drivers\brfiltup.sys [2006-11-02 5248]

R3 BrUsbSer;Brother MFC USB Serial WDM Driver;c:\windows\system32\drivers\brusbser.sys [2006-11-02 11904]

R3 BTHPORT;Stuurprogramma voor Bluetooth-poort;c:\windows\system32\Drivers\BTHport.sys [2009-04-10 507904]

R3 Cam5603D;Bison WebCam;c:\windows\system32\Drivers\BisonCam.sys [2007-05-16 753456]

R3 CertPropSvc;Certificate Propagation;c:\windows\system32\svchost.exe [2008-01-18 21504]

R3 DFSR;DFS Replication;c:\windows\system32\DFSR.exe [2009-04-10 2092544]

R3 E1G60;Intel® PRO/1000 NDIS 6 Adapter Driver;c:\windows\system32\DRIVERS\E1G60I32.sys [2006-11-02 117760]

R3 ehRecvr;Windows Media Center Receiver-service;c:\windows\ehome\ehRecvr.exe [2008-01-18 292352]

R3 ehSched;Windows Media Center Scheduler-service;c:\windows\ehome\ehsched.exe [2006-11-02 131072]

R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [2008-01-18 27648]

R3 FLEXnet Licensing Service;FLEXnet Licensing Service;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-06-07 651720]

R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe [2008-01-18 21504]

R3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms;c:\windows\system32\drivers\gagp30kx.sys [2006-11-02 58984]

R3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service;c:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

R3 IPBusEnum;PnP-X IP Bus Enumerator;c:\windows\system32\svchost.exe [2008-01-18 21504]

R3 lltdsvc;Link-Layer Topology Discovery Mapper;c:\windows\System32\svchost.exe [2008-01-18 21504]

R3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service;c:\program files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]

R3 MSiSCSI;Microsoft iSCSI Initiator-service;c:\windows\system32\svchost.exe [2008-01-18 21504]

R3 MsRPC;MsRPC; [x]

R3 odserv;Microsoft Office Diagnostics Service;c:\program files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-03 441712]

R3 p2pimsvc;Peer Networking Identity Manager;c:\windows\System32\svchost.exe [2008-01-18 21504]

R3 p2psvc;Peer Networking Grouping;c:\windows\System32\svchost.exe [2008-01-18 21504]

R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]

R3 pla;Performance Logs & Alerts;c:\windows\System32\svchost.exe [2008-01-18 21504]

R3 PNRPAutoReg;PNRP Machine Name Publication-service;c:\windows\System32\svchost.exe [2008-01-18 21504]

R3 PNRPsvc;Peer Name Resolution Protocol;c:\windows\System32\svchost.exe [2008-01-18 21504]

R3 QWAVE;Quality Windows Audio Video Experience;c:\windows\system32\svchost.exe [2008-01-18 21504]

R3 QWAVEdrv;QWAVE-stuurprogramma;c:\windows\system32\drivers\qwavedrv.sys [2008-01-18 31232]

R3 SCPolicySvc;Smart Card Removal Policy;c:\windows\system32\svchost.exe [2008-01-18 21504]

R3 SDRSVC;Windows Back-up;c:\windows\system32\svchost.exe [2008-01-18 21504]

R3 Ser2pl;Prolific2 Serial port driver;c:\windows\system32\DRIVERS\ser2pl.sys [2005-11-04 48640]

R3 SessionEnv;Terminal Services Configuration;c:\windows\System32\svchost.exe [2008-01-18 21504]

R3 sffp_mmc;SFF Storage Protocol Driver for MMC;c:\windows\system32\drivers\sffp_mmc.sys [2006-11-02 12800]

R3 sffp_sd;SFF Storage Protocol Driver for SDBus;c:\windows\system32\drivers\sffp_sd.sys [2006-11-02 12800]

R3 SLUINotify;SL UI Notification-service;c:\windows\system32\svchost.exe [2008-01-18 21504]

R3 SNMPTRAP;SNMP Trap;c:\windows\System32\snmptrap.exe [2006-11-02 12800]

R3 Tcpip6;Microsoft IPv6-protocolstuurporgramma;c:\windows\system32\DRIVERS\tcpip.sys [2010-02-18 904576]

R3 THREADORDER;Thread Ordering Server;c:\windows\system32\svchost.exe [2008-01-18 21504]

R3 TrustedInstaller;Windows Modules Installer;c:\windows\servicing\TrustedInstaller.exe [2009-04-10 39424]

R3 tssecsrv;Terminal Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [2008-01-18 23552]

R3 uagp35;Microsoft AGPv3.5 Filter;c:\windows\system32\drivers\uagp35.sys [2006-11-02 56936]

R3 UI0Detect;Interactive Services Detection;c:\windows\system32\UI0Detect.exe [2008-01-18 35840]

R3 uliagpkx;Uli AGP Bus Filter;c:\windows\system32\drivers\uliagpkx.sys [2006-11-02 58472]

R3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl.sys [2009-10-16 41472]

R3 wcncsvc;Windows Connect Now - Config Registrar;c:\windows\System32\svchost.exe [2008-01-18 21504]

R3 WcsPlugInService;Windows Color System;c:\windows\system32\svchost.exe [2008-01-18 21504]

R3 WdiServiceHost;Diagnostic Service Host;c:\windows\System32\svchost.exe [2008-01-18 21504]

R3 Wecsvc;Windows Event Collector;c:\windows\system32\svchost.exe [2008-01-18 21504]

R3 wercplsupport;Problem Reports and Solutions Control Panel Support;c:\windows\System32\svchost.exe [2008-01-18 21504]

R3 WinRM;Windows Remote Management (WS-Management);c:\windows\System32\svchost.exe [2008-01-18 21504]

R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2008-01-18 21504]

R3 WpdUsb;WpdUsb;c:\windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

R4 adp94xx;adp94xx;c:\windows\system32\drivers\adp94xx.sys [2006-11-02 420968]

R4 adpahci;adpahci;c:\windows\system32\drivers\adpahci.sys [2006-11-02 297576]

R4 arcsas;arcsas;c:\windows\system32\drivers\arcsas.sys [2006-11-02 67688]

R4 blbdrive;blbdrive;c:\windows\system32\drivers\blbdrive.sys [x]

R4 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\system32\drivers\brserid.sys [2006-11-02 71808]

R4 BrSerWdm;Brother WDM Serial driver;c:\windows\system32\drivers\brserwdm.sys [2006-11-02 62336]

R4 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\system32\drivers\brusbmdm.sys [2006-11-02 12160]

R4 Crusoe;Transmeta Crusoe Processor Driver;c:\windows\system32\drivers\crusoe.sys [2006-11-02 38912]

R4 elxstor;elxstor;c:\windows\system32\drivers\elxstor.sys [2006-11-02 316520]

R4 HidBth;Microsoft Bluetooth HID Miniport;c:\windows\system32\drivers\hidbth.sys [2006-11-02 29184]

R4 HpCISSs;HpCISSs;c:\windows\system32\drivers\hpcisss.sys [2006-11-02 37480]

R4 iaStorV;Intel RAID Controller Vista;c:\windows\system32\drivers\iastorv.sys [2006-11-02 232040]

R4 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\ipmidrv.sys [2006-11-02 65536]

R4 iteatapi;ITEATAPI_Service_Install;c:\windows\system32\drivers\iteatapi.sys [2006-11-02 35944]

R4 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [2006-11-02 35944]

R4 JRAID;JRAID;c:\windows\system32\drivers\jraid.sys [2007-05-09 48640]

R4 LSI_FC;LSI_FC;c:\windows\system32\drivers\lsi_fc.sys [2006-11-02 65640]

R4 LSI_SAS;LSI_SAS;c:\windows\system32\drivers\lsi_sas.sys [2006-11-02 65640]

R4 LSI_SCSI;LSI_SCSI;c:\windows\system32\drivers\lsi_scsi.sys [2006-11-02 65640]

R4 Mcx2Svc;Windows Media Center Extender-service;c:\windows\system32\svchost.exe [2008-01-18 21504]

R4 megasas;megasas;c:\windows\system32\drivers\megasas.sys [2006-11-02 28776]

R4 mpio;Microsoft Multi-Path Bus Driver;c:\windows\system32\drivers\mpio.sys [2006-11-02 78952]

R4 msahci;msahci;c:\windows\system32\drivers\msahci.sys [2007-05-30 25784]

R4 msdsm;Microsoft Multi-Path Device Specific Module;c:\windows\system32\drivers\msdsm.sys [2006-11-02 80488]

R4 nfrd960;nfrd960;c:\windows\system32\drivers\nfrd960.sys [2006-11-02 45160]

R4 ntrigdigi;N-trig HID Tablet Driver;c:\windows\system32\drivers\ntrigdigi.sys [2006-11-02 20608]

R4 ql2300;QLogic Fibre Channel Miniport Driver;c:\windows\system32\drivers\ql2300.sys [2006-11-02 900712]

R4 ql40xx;QLogic iSCSI Miniport Driver;c:\windows\system32\drivers\ql40xx.sys [2006-11-02 106088]

R4 sbp2port;SBP-2 Transport/Protocol Bus Driver;c:\windows\system32\drivers\sbp2port.sys [2006-11-02 76392]

R4 sermouse;Serial Mouse Driver;c:\windows\system32\drivers\sermouse.sys [2008-01-18 19968]

R4 sffdisk;SFF Storage Class Driver;c:\windows\system32\drivers\sffdisk.sys [2006-11-02 13312]

R4 SiSRaid2;SiSRaid2;c:\windows\system32\drivers\sisraid2.sys [2006-11-02 38504]

R4 SiSRaid4;SiSRaid4;c:\windows\system32\drivers\sisraid4.sys [2006-11-02 71784]

R4 uliahci;uliahci;c:\windows\system32\drivers\uliahci.sys [2006-11-02 235112]

R4 UlSata;UlSata;c:\windows\system32\drivers\ulsata.sys [2006-11-02 98408]

R4 ulsata2;ulsata2;c:\windows\system32\drivers\ulsata2.sys [2006-11-02 115816]

R4 usbcir;eHome Infrared Receiver (USBCIR);c:\windows\system32\drivers\usbcir.sys [2006-11-02 68608]

R4 ViaC7;VIA C7 Processor Driver;c:\windows\system32\drivers\viac7.sys [2006-11-02 39424]

R4 vsmraid;vsmraid;c:\windows\system32\drivers\vsmraid.sys [2006-11-02 112232]

R4 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\drivers\wacompen.sys [2006-11-02 20608]

R4 Wd;Microsoft Watchdog Timer Driver;c:\windows\system32\drivers\wd.sys [2006-11-02 19560]

R4 WmiAcpi;Microsoft Windows Management Interface for ACPI;c:\windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

S0 CLFS;Common Log (CLFS);c:\windows\System32\CLFS.sys [2009-04-10 245736]

S0 Ecache;ReadyBoost Caching Driver;c:\windows\System32\drivers\ecache.sys [2009-04-10 141288]

S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [2008-01-18 58936]

S0 msisadrv;ISA/EISA Class-stuurprogramma;c:\windows\system32\drivers\msisadrv.sys [2008-01-18 16440]

S0 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [2007-01-05 35920]

S0 nvstor32;nvstor32;c:\windows\system32\DRIVERS\nvstor32.sys [2007-08-09 110624]

S0 spldr;Security Processor Loader Driver; [x]

S0 volmgr;Stuurprogramma voor Volumebeheer;c:\windows\system32\drivers\volmgr.sys [2008-01-18 52792]

S0 volmgrx;Dynamic Volume Manager;c:\windows\System32\drivers\volmgrx.sys [2009-04-10 292840]

S0 Wdf01000;Kernel Mode Driver Frameworks service;c:\windows\system32\drivers\Wdf01000.sys [2008-01-18 503864]

S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [2009-04-10 75264]

S1 ElbyCDIO;ElbyCDIO Driver;c:\windows\system32\Drivers\ElbyCDIO.sys [2010-01-01 26024]

S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2008-01-16 15424]

S1 nsiproxy;NSI proxy service;c:\windows\system32\drivers\nsiproxy.sys [2008-01-18 16384]

S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [2008-01-18 6144]

S1 Smb;Bericht-georiënteerd TCP/IP- en TCP/IPv6-protocol (SMB-sessie);c:\windows\system32\DRIVERS\smb.sys [2009-04-10 66560]

S1 tdx;Stuurprogramma voor ondersteuning van NetIO Legacy TDI;c:\windows\system32\DRIVERS\tdx.sys [2009-04-10 72192]

S1 Wanarpv6;Remote Access IPv6 ARP Driver;c:\windows\system32\DRIVERS\wanarp.sys [2008-01-18 62464]

S1 WINIO;WINIO;c:\windows\system32\WinIo.sys [2007-01-04 9336]

S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;d:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]

S2 Apple Mobile Device;Mobiel Apple apparaat;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]

S2 AudioEndpointBuilder;Windows Audio Endpoint Builder;c:\windows\System32\svchost.exe [2008-01-18 21504]

S2 BFE;Base Filtering Engine;c:\windows\system32\svchost.exe [2008-01-18 21504]

S2 BthServ;Bluetooth Support-service;c:\windows\system32\svchost.exe [2008-01-18 21504]

S2 DPS;Diagnostic Policy Service;c:\windows\System32\svchost.exe [2008-01-18 21504]

S2 EMDMgmt;ReadyBoost;c:\windows\system32\svchost.exe [2008-01-18 21504]

S2 FDResPub;Function Discovery Resource Publication;c:\windows\system32\svchost.exe [2008-01-18 21504]

S2 gpsvc;Group Policy Client;c:\windows\system32\svchost.exe [2008-01-18 21504]

S2 IKEEXT;IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe [2008-01-18 21504]

S2 iphlpsvc;IP Helper;c:\windows\System32\svchost.exe [2008-01-18 21504]

S2 KtmRm;KtmRm for Distributed Transaction Coordinator;c:\windows\System32\svchost.exe [2008-01-18 21504]

S2 lltdio;I/O-stuurprogramma van Link-Layer Topology Discovery Mapper;c:\windows\system32\DRIVERS\lltdio.sys [2008-01-18 47104]

S2 luafv;UAC File Virtualization;c:\windows\system32\drivers\luafv.sys [2008-01-18 84480]

S2 MMCSS;Multimedia Class Scheduler;c:\windows\system32\svchost.exe [2008-01-18 21504]

S2 MpsSvc;Windows Firewall;c:\windows\system32\svchost.exe [2008-01-18 21504]

S2 netprofm;Network List-service;c:\windows\System32\svchost.exe [2008-01-18 21504]

S2 NlaSvc;Network Location Awareness;c:\windows\System32\svchost.exe [2008-01-18 21504]

S2 nsi;Network Store Interface-service;c:\windows\system32\svchost.exe [2008-01-18 21504]

S2 nvsvc;NVIDIA Display Driver Service;c:\windows\system32\nvvsvc.exe [2009-09-01 211560]

S2 PcaSvc;Program Compatibility Assistant-service;c:\windows\system32\svchost.exe [2008-01-18 21504]

S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [2006-11-02 878080]

S2 ProfSvc;User Profile-service;c:\windows\system32\svchost.exe [2008-01-18 21504]

S2 rspndr;Link-Layer Topology Discovery Responder;c:\windows\system32\DRIVERS\rspndr.sys [2008-01-18 60416]

S2 slsvc;Software Licensing;c:\windows\system32\SLsvc.exe [2009-04-10 3408896]

S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2008-01-18 21504]

S2 TabletInputService;Tablet PC Input-service;c:\windows\System32\svchost.exe [2008-01-18 21504]

S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [2009-12-08 30720]

S2 UxSms;Desktop Window Manager Session Manager;c:\windows\System32\svchost.exe [2008-01-18 21504]

S2 WerSvc;Windows Error Reporting-service;c:\windows\System32\svchost.exe [2008-01-18 21504]

S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2008-01-18 21504]

S2 Wlansvc;WLAN Auto Config;c:\windows\system32\svchost.exe [2008-01-18 21504]

S2 WSearch;Windows Search;c:\windows\system32\SearchIndexer.exe [2009-04-10 441344]

S3 ApfiltrService;Alps Pointing-device Filter Driver;c:\windows\system32\DRIVERS\Apfiltr.sys [2006-10-30 140800]

S3 Appinfo;Application Information;c:\windows\system32\svchost.exe [2008-01-18 21504]

S3 athr;Atheros Extensible Wireless LAN device driver;c:\windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]

S3 bowser;bowser;c:\windows\system32\DRIVERS\bowser.sys [2008-01-18 69632]

S3 BthEnum;Bluetooth Enumerator Service;c:\windows\system32\DRIVERS\BthEnum.sys [2009-04-10 22528]

S3 BthPan;Bluetooth-apparaat (Personal Area Network);c:\windows\system32\DRIVERS\bthpan.sys [2008-01-18 92160]

S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio;c:\windows\system32\Drivers\BTHUSB.sys [2009-04-10 29696]

S3 circlass;Consumer IR Devices;c:\windows\system32\DRIVERS\circlass.sys [2008-01-18 35328]

S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [2009-09-25 634880]

S3 fdPHost;Function Discovery Provider Host;c:\windows\system32\svchost.exe [2008-01-18 21504]

S3 HidIr;Stuurprogramma voor Microsoft infrarood HID;c:\windows\system32\DRIVERS\hidir.sys [2008-01-18 21504]

S3 HSF_DPV;HSF_DPV;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]

S3 HSFHWAZL;HSFHWAZL;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]

S3 iScsiPrt;iScsiPort-stuurprogramma;c:\windows\system32\DRIVERS\msiscsi.sys [2009-04-10 180712]

S3 KeyIso;CNG Key Isolation;c:\windows\system32\lsass.exe [2009-06-15 9728]

S3 monitor;Microsoft Monitor Class Function Driver-service;c:\windows\system32\DRIVERS\monitor.sys [2008-01-18 41984]

S3 mpsdrv;Autorisatiestuurprogramma van Windows Firewall;c:\windows\system32\drivers\mpsdrv.sys [2008-01-18 64000]

S3 mrxsmb10;SMB 1.x MiniRedirector;c:\windows\system32\DRIVERS\mrxsmb10.sys [2010-02-23 212992]

S3 mrxsmb20;SMB 2.0 MiniRedirector;c:\windows\system32\DRIVERS\mrxsmb20.sys [2010-02-23 79360]

S3 NativeWifiP;NativeWiFi-filter;c:\windows\system32\DRIVERS\nwifi.sys [2009-04-10 148480]

S3 NuidFltr;NUID filter driver;c:\windows\system32\DRIVERS\NuidFltr.sys [2007-08-31 18856]

S3 nvlddmkm;nvlddmkm;c:\windows\system32\DRIVERS\nvlddmkm.sys [2009-09-01 9825728]

S3 nvsmu;nvsmu;c:\windows\system32\DRIVERS\nvsmu.sys [2006-09-15 11520]

S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI);c:\windows\system32\DRIVERS\rfcomm.sys [2009-04-10 148992]

S3 smscirrx;SMSC CIR Receive;c:\windows\system32\DRIVERS\smscirrx.sys [2007-02-02 40448]

S3 srv2;srv2;c:\windows\system32\DRIVERS\srv2.sys [2009-09-14 144896]

S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [2009-12-11 98816]

S3 StillCam;Stuurprogramma voor seriële digitale fotocamera;c:\windows\system32\DRIVERS\serscan.sys [2008-01-18 9216]

S3 tunmp;Stuurprogramma voor Microsoft Tun Minipoort-adapter;c:\windows\system32\DRIVERS\tunmp.sys [2008-01-18 15360]

S3 tunnel;Microsoft IPv6 Tunnel Miniport Adapterstuurprogramma;c:\windows\system32\DRIVERS\tunnel.sys [2010-02-18 25088]

S3 umbus;UMBus Enumerator-stuurprogramma;c:\windows\system32\DRIVERS\umbus.sys [2008-01-18 34816]

S3 WdiSystemHost;Diagnostic System Host;c:\windows\System32\svchost.exe [2008-01-18 21504]

--- Andere Services/Drivers In Geheugen ---

*Deregistered* - MBAMSwissArmy

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

HsfXAudioService REG_MULTI_SZ HsfXAudioService

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Inhoud van de 'Gedeelde Taken' map

2008-01-16 c:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]

2010-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-23 17:12]

2010-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-23 17:12]

2010-01-18 c:\windows\Tasks\User_Feed_Synchronization-{17B660F0-07D7-433A-8ABB-96CE91BC2864}.job

- c:\windows\system32\msfeedssync.exe [2010-03-31 04:54]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.hln.be/

IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm

IE: Add to Windows &Live Favorites - Welcome to Windows Live

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

LSP: c:\windows\system32\imon.dll

.

.

------- Bestandsassociaties -------

.

.scr=AutoCADScriptFile

.

- - - - ORPHANS VERWIJDERD - - - -

AddRemove-EADM - d:\electronic arts\EADM\Uninstall.exe

AddRemove-{F37167DD-4436-4641-90B6-329D60632DDA} - c:\program files\InstallShield Installation Information\{F37167DD-4436-4641-90B6-329D60632DDA}\Setup.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-05-25 20:22

Windows 6.0.6002 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

c:\users\GEBRUI~1\AppData\Local\Temp\catchme.dll 53248 bytes executable

Scan succesvol afgerond

verborgen bestanden: 1

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\S-1-5-21-3961188977-656510558-3972116377-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

"??"=hex:9f,30,b9,a8,4f,87,f5,c2,86,9a,5c,14,e7,08,d7,1f,a6,ca,fb,4d,e4,34,0c,

c2,17,57,a8,ab,fc,18,e0,3d,e3,d6,ef,db,6d,92,1a,76,03,86,98,96,8b,fd,4f,d1,\

"??"=hex:d3,1f,14,13,30,80,cb,a4,9a,2b,51,c3,6d,5a,05,1e

[HKEY_USERS\S-1-5-21-3961188977-656510558-3972116377-1000\Software\SecuROM\License information*]

"datasecu"=hex:06,38,d1,9e,d6,8d,9c,45,4e,bc,eb,78,64,dc,96,6f,51,3b,c7,43,30,

64,07,1d,8e,80,80,bf,bf,92,04,77,13,f1,e7,df,4a,2b,81,95,49,2a,51,39,9b,66,\

"rkeysecu"=hex:3e,80,9e,c4,40,b4,90,83,87,8e,33,49,64,ac,f8,d9

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:0000000f

.

Voltooingstijd: 2010-05-25 20:29:27

ComboFix-quarantined-files.txt 2010-05-25 18:29

Pre-Run: 49.358.053.376 bytes beschikbaar

Post-Run: 60.318.228.480 bytes beschikbaar

- - End Of File - - FE0ACB98A2F8A9DE2A1E00F1FBFF424C

Alvast bedankt voor de moeite om dit op te lossen.

Groetjes,

Stamper

Laat dit vetgedrukte bestand c:\windows\System32\svchost.exe eens scannen bij Jotti.

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

c:\windows\S50611250.tmp

c:\programdata\Google\Google Toolbar\Update\gtb5168.tmp.exe

Folder::

C:\found.002

Sla dit bestand op je bureaublad op als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht.

Hallo,

Heb c:\windows\System32\svchost.exe laten scannen door Jotti en het resultaat was voor alle scanners hetzelfde nl. niets gevonden. Ik ga er van uit dat dit goed nieuws is?

Vervolgens

File::

c:\windows\S50611250.tmp

c:\programdata\Google\Google Toolbar\Update\gtb5168.tmp.exe

Folder::

C:\found.002

in het kladblok geplakt, weggeschreven op als CFScript.txt op mijn bureaublad en het vervolgens laten bewerken door CombiFix.

Het logverslag:

ComboFix 10-05-24.07 - Gebruiker 26/05/2010 18:39:54.2.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.2046.1488 [GMT 2:00]

Gestart vanuit: c:\users\Gebruiker\Desktop\ComboFix.exe

gebruikte Opdracht switches :: c:\users\Gebruiker\Desktop\CFScript.txt

AV: ESET NOD32 antivirus systeem 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

* Aanwezig AV is actief

FILE ::

"c:\programdata\Google\Google Toolbar\Update\gtb5168.tmp.exe"

"c:\windows\S50611250.tmp"

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\found.002

c:\found.002\file0000.chk

c:\programdata\Google\Google Toolbar\Update\gtb5168.tmp.exe

c:\windows\S50611250.tmp

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-04-26 to 2010-05-26 ))))))))))))))))))))))))))))))

.

2010-05-26 16:53 . 2010-05-26 16:54 -------- d-----w- c:\users\Gebruiker\AppData\Local\temp

2010-05-26 16:53 . 2010-05-26 16:53 -------- d-----w- c:\users\Public\AppData\Local\temp

2010-05-26 16:53 . 2010-05-26 16:53 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-05-26 04:59 . 2010-04-23 14:13 2048 ----a-w- c:\windows\system32\tzres.dll

2010-05-23 05:17 . 2010-05-23 05:17 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Uniblue

2010-05-17 14:48 . 2010-05-17 14:48 -------- d-----w- c:\program files\Common Files\Windows Live

2010-05-15 05:29 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-05-15 05:29 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-05-14 17:44 . 2010-05-14 17:44 -------- d-----w- c:\program files\Ubisoft

2010-05-13 18:46 . 2010-05-14 07:17 -------- d-----w- c:\program files\Microsoft Works

2010-05-13 18:43 . 2010-05-13 18:43 -------- d-----w- c:\program files\Microsoft.NET

2010-05-13 18:40 . 2010-05-13 18:40 -------- d-----w- c:\program files\Microsoft Visual Studio 8

2010-05-13 18:37 . 2010-05-13 18:37 -------- d-----r- C:\MSOCache

2010-05-12 12:24 . 2010-01-29 15:40 738816 ----a-w- c:\windows\system32\inetcomm.dll

2010-05-10 16:48 . 2010-05-10 16:48 -------- d-----w- c:\program files\iPod

2010-05-10 16:25 . 2010-05-10 16:25 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe

2010-05-08 11:31 . 2010-05-08 11:31 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\Ubisoft

2010-05-08 11:31 . 2010-05-08 11:31 -------- d-----w- c:\programdata\Ubisoft

2010-05-08 11:30 . 2007-10-22 01:39 267272 ----a-w- c:\windows\system32\xactengine2_10.dll

2010-05-08 11:30 . 2007-10-12 13:14 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll

2010-05-08 11:30 . 2007-10-02 07:56 444776 ----a-w- c:\windows\system32\d3dx10_36.dll

2010-05-08 11:30 . 2007-10-12 13:14 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll

2010-05-08 11:30 . 2007-07-19 22:57 267112 ----a-w- c:\windows\system32\xactengine2_9.dll

2010-05-08 11:30 . 2007-07-19 16:14 444776 ----a-w- c:\windows\system32\d3dx10_35.dll

2010-05-08 11:30 . 2007-07-19 16:14 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll

2010-05-08 11:30 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll

2010-05-08 11:30 . 2007-10-22 01:37 17928 ----a-w- c:\windows\system32\X3DAudio1_2.dll

2010-05-08 11:30 . 2006-12-08 10:02 251672 ----a-w- c:\windows\system32\xactengine2_5.dll

2010-05-08 11:30 . 2006-11-29 11:06 440080 ----a-w- c:\windows\system32\d3dx10.dll

2010-05-08 11:29 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll

2010-05-08 11:29 . 2006-09-28 14:05 237848 ----a-w- c:\windows\system32\xactengine2_4.dll

2010-05-08 11:29 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll

2010-05-08 11:29 . 2006-07-28 07:30 236824 ----a-w- c:\windows\system32\xactengine2_3.dll

2010-05-08 11:29 . 2006-07-28 07:30 62744 ----a-w- c:\windows\system32\xinput1_2.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-05-26 14:41 . 2008-01-16 19:18 679914 ----a-w- c:\windows\system32\perfh013.dat

2010-05-26 14:41 . 2008-01-16 19:18 132318 ----a-w- c:\windows\system32\perfc013.dat

2010-05-26 10:53 . 2008-11-13 16:31 -------- d-----w- c:\programdata\Google Updater

2010-05-26 10:50 . 2010-01-07 12:59 32251 ----a-w- c:\programdata\nvModes.dat

2010-05-26 05:42 . 2008-01-16 10:25 1076 ----a-w- c:\windows\bthservsdp.dat

2010-05-24 05:29 . 2008-06-03 15:52 -------- d-----w- c:\program files\Google

2010-05-15 11:01 . 2008-01-16 10:40 152664 ----a-w- c:\users\Gebruiker\AppData\Local\GDIPFONTCACHEV1.DAT

2010-05-15 10:33 . 2008-12-09 19:20 -------- d-----w- c:\programdata\Microsoft Help

2010-05-15 09:28 . 2010-02-10 13:56 -------- d-----w- c:\program files\Electronic Arts

2010-05-14 17:44 . 2008-01-16 11:12 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-05-13 18:46 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild

2010-05-13 12:31 . 2008-07-07 18:29 -------- d-----w- c:\program files\Docudesk

2010-05-12 20:55 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2010-05-12 09:21 . 2009-10-02 23:33 221568 ------w- c:\windows\system32\MpSigStub.exe

2010-05-10 16:48 . 2010-01-10 07:50 -------- d-----w- c:\program files\Common Files\Apple

2010-04-09 13:53 . 2010-04-09 13:53 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\deskPDF

2010-04-06 15:22 . 2009-04-09 16:57 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\SPORE

2010-04-05 20:52 . 2010-04-05 20:49 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

2010-04-05 20:43 . 2010-04-05 20:41 -------- d-----w- c:\program files\QuickTime

2010-04-01 13:24 . 2010-04-01 12:54 -------- d-----w- c:\program files\Parcours2

2010-03-30 12:55 . 2010-03-30 12:53 -------- d-----w- c:\program files\Markant2

2010-03-12 20:18 . 2010-03-12 20:18 98304 ----a-w- c:\programdata\NexonUS\NGM\npNxGameUS.dll

2010-03-12 20:18 . 2010-03-12 20:18 126976 ----a-w- c:\programdata\NexonUS\NGM\nxgameus.dll

2010-03-12 20:18 . 2010-03-12 20:18 765952 ----a-w- c:\programdata\NexonUS\NGM\NGMDll.dll

2010-03-12 20:18 . 2010-03-12 20:18 401408 ----a-w- c:\programdata\NexonUS\NGM\NGMResource.dll

2010-03-12 20:18 . 2010-03-12 20:18 258352 ----a-w- c:\programdata\NexonUS\NGM\unicows.dll

2010-03-12 20:18 . 2010-03-12 20:18 172032 ----a-w- c:\programdata\NexonUS\NGM\NGM.exe

2010-03-05 15:58 . 2008-07-20 06:59 952 --sha-w- c:\windows\system32\KGyGaAvL.sys

2010-03-05 14:01 . 2010-04-14 11:24 420352 ----a-w- c:\windows\system32\vbscript.dll

2007-05-30 17:12 . 2007-05-30 17:12 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-13 39408]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]

"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2010-03-12 2937528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-18 1008184]

"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-01-16 949376]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-08-31 1037736]

"Malwarebytes Anti-Malware (reboot)"="d:\malwarebytes' anti-malware\mbam.exe" [2010-04-29 1090952]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2006-11-07 159744]

"RtHDVCpl"="RtHDVCpl.exe" [2007-01-18 4349952]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-01 13797992]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]

"iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"VistaSp2"=hex(:92,6c,2a,50,c4,8e,ca,01

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-23 135664]

S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2008-01-16 15424]

S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;d:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]

S3 smscirrx;SMSC CIR Receive;c:\windows\system32\DRIVERS\smscirrx.sys [2007-02-02 40448]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

HsfXAudioService REG_MULTI_SZ HsfXAudioService

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Inhoud van de 'Gedeelde Taken' map

2008-01-16 c:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]

2010-05-26 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-03 16:31]

2010-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-23 17:12]

2010-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-23 17:12]

2010-01-18 c:\windows\Tasks\User_Feed_Synchronization-{17B660F0-07D7-433A-8ABB-96CE91BC2864}.job

- c:\windows\system32\msfeedssync.exe [2010-03-31 04:54]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.hln.be/

IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm

IE: Add to Windows &Live Favorites - Welcome to Windows Live

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

LSP: c:\windows\system32\imon.dll

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-05-26 18:54

Windows 6.0.6002 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\S-1-5-21-3961188977-656510558-3972116377-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

"??"=hex:9f,30,b9,a8,4f,87,f5,c2,86,9a,5c,14,e7,08,d7,1f,a6,ca,fb,4d,e4,34,0c,

c2,17,57,a8,ab,fc,18,e0,3d,e3,d6,ef,db,6d,92,1a,76,03,86,98,96,8b,fd,4f,d1,\

"??"=hex:d3,1f,14,13,30,80,cb,a4,9a,2b,51,c3,6d,5a,05,1e

[HKEY_USERS\S-1-5-21-3961188977-656510558-3972116377-1000\Software\SecuROM\License information*]

"datasecu"=hex:06,38,d1,9e,d6,8d,9c,45,4e,bc,eb,78,64,dc,96,6f,51,3b,c7,43,30,

64,07,1d,8e,80,80,bf,bf,92,04,77,13,f1,e7,df,4a,2b,81,95,49,2a,51,39,9b,66,\

"rkeysecu"=hex:3e,80,9e,c4,40,b4,90,83,87,8e,33,49,64,ac,f8,d9

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:0000000f

.

Voltooingstijd: 2010-05-26 19:00:00

ComboFix-quarantined-files.txt 2010-05-26 16:59

ComboFix2.txt 2010-05-25 18:29

Pre-Run: 60.275.597.312 bytes beschikbaar

Post-Run: 60.239.200.256 bytes beschikbaar

- - End Of File - - BAA16881BE58028EA226DFC9E268FF66

Nogmaals bedankt voor de moeite.

Vriendelijke groeten,

Stamper

OK, dit ziet er goed uit. Hoe staat het nu met de problemen ?

Hallo,

Een half uurtje na de correspondentie is de laptop uitgevallen. Ik vermoed door te hoge temperatuur. Tot nu heeft alles uitgestaan en alles werkt weer "perfect".

Hallo Kape,

De laptop werkt nu opnieuw als een zwitsers uurwerk.

Dank voor de hulp en nog veel succes toegewenst.

Stamper

Hallo,

Dacht dat alle problemen opgelost waren, doch helaas.

De laptop is weerom héél traag.

Ik heb nu gemerkt dat in het taakbeheer:

6 * rundll32.exe als imagenaam voorkomt met als beschrijving Windows-hostproces (Rundll32).

De CPU gebruik bedraagt 100% en het Fysiek geheugen is voor 89% in gebruik.

Deze cijfers zijn genoteerd met 2 programma's geopend nl.

Windows Internet Explorer en Microsoft Outlook.

Kan hier een reden liggen voor het trage werken van de laptop?

Alvast bedankt voor de hulp.

Stamper

Open het taakbeheer en ga naar de tab processen.

Klik op de hoofding van de kolom "cpu" tot de processen die veel cpu gebruiken bovenaan staan.

Als het weer traag begint te gaan, maak je een schermafbeelding van de processen en voeg deze als bijlage toe aan je volgend bericht.

Hoe je een bijlage toevoegt aan een bericht, kan je lezen in deze handleiding.